goodspeed/Cloudlog
1
0
派生 0
代码 工单 合并请求 项目 版本发布 软件包 百科 动态 Actions

API key-based authorization implemented for api/search.

浏览代码
这个提交包含在:
Andy Smith 2012-01-02 00:08:36 +00:00
父节点 c9e43ec203
当前提交 c93bc608dd
共有 3 个文件被更改,包括 66 次插入18 次删除
显示统计信息 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

37
application/controllers/api.php
查看文件

@ -144,10 +144,14 @@ class API extends CI_Controller {
$this->load->model('api_model'); $this->load->model('api_model');
$this->load->model('logbook_model'); $this->load->model('logbook_model');
$this->load->model('user_model'); $this->load->model('user_model');
//if(!$this->user_model->authorize(3)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
$arguments = $this->_retrieve();
if((!$this->user_model->authorize(3)) && ($this->api_model->authorize($arguments['key']) == 0)) {
$this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard');
}
// Retrieve the arguments from the query string // Retrieve the arguments from the query string
$arguments = $this->_retrieve();
$data['data']['format'] = $arguments['format']; $data['data']['format'] = $arguments['format'];
// Call the parser within the API model to build the query // Call the parser within the API model to build the query
@ -189,6 +193,27 @@ class API extends CI_Controller {
$this->load->view('api/index', $data); $this->load->view('api/index', $data);
} }
function validate()
{
// Load the API and Logbook models
$this->load->model('api_model');
$this->load->model('logbook_model');
// Retrieve the arguments from the query string
$arguments = $this->_retrieve();
// Add some debugging information to the XML output
$data['data'] = $arguments;
$data['data']['queryInfo']['call'] = "validate";
$data['data']['queryInfo']['dbQuery'] = "";
$data['data']['queryInfo']['numResults'] = 1;
$data['data']['queryInfo']['executionTime'] = 0;
$data['data']['validate_Result']['results'] = array(0 => array('Result' => $this->api_model->authorize($arguments['key'])));
$this->load->view('api/index', $data);
}
function add() function add()
{ {
// Load the API and Logbook models // Load the API and Logbook models
@ -246,6 +271,7 @@ class API extends CI_Controller {
$order = preg_grep("/^order\[(.*)\]$/", $this->uri->segments); $order = preg_grep("/^order\[(.*)\]$/", $this->uri->segments);
$fields = preg_grep("/^fields\[(.*)\]$/", $this->uri->segments); $fields = preg_grep("/^fields\[(.*)\]$/", $this->uri->segments);
$format = preg_grep("/^format\[(.*)\]$/", $this->uri->segments); $format = preg_grep("/^format\[(.*)\]$/", $this->uri->segments);
$key = preg_grep("/^key\[(.*)\]$/", $this->uri->segments);
// Strip each argument // Strip each argument
$arguments['query'] = substr(array_pop($query), 6); $arguments['query'] = substr(array_pop($query), 6);
@ -258,6 +284,13 @@ class API extends CI_Controller {
$arguments['fields'] = substr($arguments['fields'], 0, strlen($arguments['fields']) - 1); $arguments['fields'] = substr($arguments['fields'], 0, strlen($arguments['fields']) - 1);
$arguments['format'] = substr(array_pop($format), 7); $arguments['format'] = substr(array_pop($format), 7);
$arguments['format'] = substr($arguments['format'], 0, strlen($arguments['format']) - 1); $arguments['format'] = substr($arguments['format'], 0, strlen($arguments['format']) - 1);
$arguments['key'] = substr(array_pop($key), 4);
$arguments['key'] = substr($arguments['key'], 0, strlen($arguments['key']) - 1);
// By default, assume XML for the format if not otherwise set
if($arguments['format'] == "") {
$arguments['format'] = "xml";
}
// Return the arguments // Return the arguments
return $arguments; return $arguments;

45
application/models/api_model.php
查看文件

@ -38,26 +38,41 @@ class API_Model extends CI_Model {
function access($key) { function access($key) {
// No key = no access, mate
if(!$key) {
return $status = "No Key Found";
}
// Check that the key is valid // Check that the key is valid
$this->db->where('key', $key); $this->db->where('key', $key);
$query = $this->db->get('api'); $query = $this->db->get('api');
if ($query->num_rows() > 0) if ($query->num_rows() > 0)
{ {
foreach ($query->result() as $row) foreach ($query->result() as $row)
{ {
if($row->status == "active") { if($row->status == "active") {
return $status = $row->rights; return $status = $row->rights;
} else { } else {
return $status = "Key Disabled"; return $status = "Key Disabled";
} }
}
} } else {
} else { return $status = "No Key Found";
return $status = "No Key Found"; }
}
} }
function authorize($key) {
$r = $this->access($key);
if($r == "rw") {
return 2;
} else if($r == "r") {
return 1;
} else {
return 0;
}
}
// FUNCTION: string name(string $column) // FUNCTION: string name(string $column)
// Converts a MySQL column name to a more friendly name // Converts a MySQL column name to a more friendly name
function name($col) function name($col)

2
application/views/api/help.php
查看文件

@ -64,7 +64,7 @@
?> ?>
</td> </td>
<td><?php echo ucfirst($row->status); ?></td> <td><?php echo ucfirst($row->status); ?> - <a href="<?php echo site_url('/api/validate/key['.$row->key.']'); ?>">Test</td>
</tr> </tr>
<?php } ?> <?php } ?>